Azure DevOps Roadmap
| What's New | Developer Community | DevOps Blog | Documentation |
Product roadmap
This feature list is a peek into our roadmap. It identifies some of the significant features we are currently working on and a rough timeframe for when you can expect to see them. It is not comprehensive but is intended to provide some visibility into key investments. At the top you will find a list of our large multi-quarter initiatives and the features that they break down into. Further down you will find the full list of significant features we have planned.
Each feature is linked to an article where you can learn more about a particular item. These features and dates are the current plans and are subject to change. The Timeframe columns reflect when we expect the feature to be available.
Initiatives
GitHub Advanced Security for Azure DevOps
GitHub Advanced Security for Azure DevOps (GHAzDO) brings additional security features to Azure DevOps under an additional license. Any project collection administrator can now enable Advanced Security for their organization, projects and repos from the Project Settings or Organization Settings.
The main capabilities of GitHub Advanced Security for Azure DevOps are:
- Secret Scanning: Detect and remediate plaintext secrets in your git repositories. If push protection is enabled, it also detects and blocks secrets before they are pushed to your repositories.
- Code Scanning: Search for potential security vulnerabilities and coding errors in your code using CodeQL or a third-party tool.
- Dependency Scanning: Detect and alert when your code depends on a package that is insecure and recieve straightforward remediation guidance.
You can learn more about how to configure GitHub Advanced Security for Azure DevOps in our documentation.
Upcoming capabilities we expect to deliver include:
| Feature | Area | Quarter |
|---|---|---|
| Determine detected partner secrets validity | GitHub Advanced Security for Azure DevOps | 2025 Q1 |
| Link Boards items to Advanced Security Alerts | GitHub Advanced Security for Azure DevOps | 2025 Q2 |
| Automatically fix detected dependency scanning vulnerabilities with Dependabot security updates | GitHub Advanced Security for Azure DevOps | Future |
| CodeQL default setup (one-click enablement) | GitHub Advanced Security for Azure DevOps | Future |
Minimizing the risks associated with credential theft
Azure DevOps supports many different authentication mechanisms, including basic authentication, personal access tokens (PATs), SSH, and Microsoft Entra ID (formerly Azure Active Directory) access tokens. These mechanisms are not created equally from a security perspective, especially when it comes to the potential for credential theft. For example, unintended leakage of credentials like PATs can let malicious actors into Azure DevOps organizations where they can gain access to critical assets like source code, pivot toward supply chain attacks, or even pivot toward compromising production infrastructure. To minimize the risks of credential theft, we will focus our efforts in the upcoming quarters in the following areas:
Enable administrators to improve authentication security through control plane policies.
Reducing the need for PATs and other stealable secrets by adding support for more secure alternatives.
Deepening Azure DevOps' integration with Microsoft Entra ID to better support its various security features.
Avoiding the need to store production secrets in Azure Pipelines service connections.
| Feature | Area | Quarter |
|---|---|---|
| PAT lifecycle APIs | General |  2022 Q4 |
| Control plane for personal access tokens (PAT) | General | 2022 Q4 |
| Managed Identity and Service Principal support (preview) | General | 2023 Q1 |
| Workload identity federation for Azure Deployments (preview) | Pipelines | 2023 Q3 |
| Granular scopes for Azure Active Directory OAuth | General | 2023 Q3 |
| Managed Identity and Service Principal support (GA) | General | 2023 Q3 |
| Workload identity federation for Azure service connection (GA) | Pipelines | 2024 Q1 |
| Workload identity federation for Docker service connection | Pipelines | 2024 H2 |
| Full web support for Conditional Access Policies | General | 2024 Q4 |
| Policies to disable the use of personal access tokens (PAT) | General | 2025 Q1 |
| New service connection type for pipelines to authenticate with Azure DevOps | Pipelines | 2025 Q1 |
| Workload identity federation using Entra-issued tokens | Pipelines | 2025 Q2 |
Improved Boards + GitHub Integration
The existing Azure Boards + GitHub integration has been in place for several years now. The integration is a great starting point, but it does not offer the level of traceability that our customers have grown accustomed to. Based on customer feedback, we have put together set of investments to enhance this integration. Our goal is to improve upon it so that Azure Boards customers who choose to use GitHub repositories can maintain an equivalent level of traceability to having repositories in Azure DevOps.
These investments include:
| Feature | Area | Quarter |
|---|---|---|
| Add link to GitHub commit or pull request from work item | Boards | 2024 Q1 |
| Show more details about a GitHub pull request | Boards | 2024 Q1 |
| Improve scalability when searching and linking GitHub repos to an Azure DevOps project |
Boards | 2024 Q2 |
| AB# links on GitHub pull request (preview) | Boards | 2024 Q2 |
| Create branch on GitHub repository from work item | Boards | 2024 Q3 |
| Support for GitHub Enterprise Cloud with data residency | Boards | 2025 Q1 |
| ! mentions support for GitHub pull requests | Boards | 2025 Q1 |
|
Show build status when using a YAML build pipeline with GitHub repository |
Boards | 2025 Q1 |
| Support state transitions when merging a GitHub pull request | Boards | 2025 Q1 |
| Automatically link pull requests when linked to a GitHub branch | Boards | 2025 Q1 |
| Auto link the merge commit | Boards | 2025 Q1 |
|
Automatically remove branch links when their corresponding GitHub branches are deleted |
Boards | 2025 Q1 |
Migrate to Managed DevOps Pools
Managed DevOps Pools is an evolution of Azure DevOps Virtual Machine Scale Set agent pools. It provides better pool scalability and reliability, simplifies pool management, and allows you to use the VM images from Microsoft-hosted agents on custom Azure VMs. You can read more about Managed DevOps Pools here and the differences between them here. Managed DevOps Pools is generally available, so you can migrate your Virtual machine Scale Set pools to Managed DevOps Pools and use them for production workflows, wherever possible.
Below, you will find several investments we plan to deliver as part of this initiative:
| Feature | Area | Quarter |
|---|---|---|
| Spot VM agents | Pipelines | 2025 Q2 |
| Preemptive agent download | Pipelines | 2025 Q2 |
| Add trusted root certificates | Pipelines | 2025 Q2 |
| Container based agents | Pipelines | 2025 Q2 |
YAML and release pipelines feature parity
For the past several years, all our pipelines investments have been in the area of YAML pipelines. Furthermore, all our security improvements have been for YAML pipelines. For example, with YAML pipelines, the control over protected resources (e.g., repositories, service connections, etc.) is in the hands of the resource owners as opposed to pipeline authors. The job access tokens that are used in YAML pipelines are scoped to specific repositories that are specified in the YAML file. These are just two examples of security features that are available for YAML pipelines. For these reasons, we recommend using YAML pipelines over classic. Adoption of YAML over classic has been significant for builds (CI). However, many customers have continued to use classic release management pipelines over YAML for releases (CD). The primary reason for this is the lack of parity in various CD features between the two solutions. Over the past year, we addressed several gaps in this area, notably in Checks. Checks are the primary mechanism in YAML pipelines to gate promotion of a build from one stage to another. We will continue to address gaps in other areas over the next year. Our focus will be on user experiences, traceability, and environments.
| Feature | Area | Quarter |
|---|---|---|
| Auditing for checks | Pipelines | 2022 Q4 |
| Custom variables in checks | Pipelines | 2023 Q1 |
| Checks scalability | Pipelines | 2023 Q2 |
| Bypass approvals and checks | Pipelines | 2023 Q4 |
| Sequencing approvals and other checks | Pipelines | 2024 Q1 |
| Deferred approvals | Pipelines | 2024 Q1 |
| Rerun single stage | Pipelines | 2024 Q1 |
| Manual queuing of stages | Pipelines | 2024 H2 |
| Stage-level concurrency | Pipelines | 2024 Q3 |
| Stage-level traceability | Pipelines | 2025 Q2 |
| On-demand out of order execution of stages | Pipelines | 2025 Q2 |
| Service connections in checks | Pipelines | Future |
| Checks extensibility | Pipelines | Future |
Azure Test Plans improvements
Azure DevOps provides a variety of testing tools and integrations to support different testing needs. These include manual testing, automated testing, and exploratory testing. The platform allows for the creation and management of test plans and test suites, which can be used to track manual testing for sprints or milestones. Additionally, Azure DevOps integrates with CI/CD pipelines, enabling automated test execution and reporting.
We are ramping up our investments in this area in response to feedback from our most active customer base. Our focus will be on the following aspects of test management: improving end-to-end test traceability; extending support for various programming languages and frameworks for automated testing in Test Plans; redesigning workflows and experiences for consuming test runs and test results.
Below, you will find several investments that we plan to deliver as part of this initiative:
| Feature | Area | Quarter |
|---|---|---|
| Support for JUnit/Java in Azure Test Plans | Test Plans | 2025 Q1 |
| Support for Pytest/Python in Azure Test Plans | Test Plans | 2025 Q1 |
| Restore deleted test plans and test suites using REST API | Test Plans | 2025 Q1 |
| Auto-pause manual test case run | Test Plans | 2025 Q1 |
| Quick access to Test Results in Test Case | Test Plans | 2025 Q2 |
| Resume paused test cases on by default | Test Plans | 2025 Q2 |
| New Test Run experience | Test Plans | 2025 Q2 |
| Advanced Test Case result history | Test Plans | 2025 Q2 |
All features
Azure DevOps Services
Azure DevOps Server
How to provide feedback
We would love to hear what you think about these features. Report any problems or suggest a feature through Developer Community.
You can also get advice and your questions answered by the community on Stack Overflow.